1) Router 0
en
conf t
<1) router encryption --> any router
service password-encryption
enable secret admin12345

verification: show running-config



<2) Enabble Logging on line--> on R3
login
logging asynchronous
logging host 167.167.40.3
logging trap informational
service timestamps log datetime

exit

<!-- Monitoring on any router--> 
show ip interface brief
show logging
show running-config


<3)-- enable AAA--> on R3
aaa new-model
username srmdb privilege 15 secret srmdb12345     #(full priviledge 15)

line console 0              #(Applies configuration to users connecting through the console cable)
login authentication default 
exit


<5)-- SSH-->

line vty 0 4                #(virtual terminal for ssh)
transport input ssh         #(only ssh, block telnet)
ip domain-name r1.com       #(set router domain name)
crypto key generate rsa
ip ssh version 2


line vty 0 4
login local
transport input ssh


<4)-- ACL blocking 167.167.10.3 on server-->
on R3

access-list 101 deny ip host 167.167.10.2 host 167.167.40.3
access-list 101 permit ip any any
interface g0/0
ip access-group 101 in


<5)<-- Static Routing -->
on R3
interface g0/0
ip address 167.167.10.1 255.255.255.0
exit
ip route 167.167.40.0 255.255.255.0 167.167.20.2

on R5
interface se0/1/0
ip address 167.167.20.1 255.255.255.0
exit
ip route 167.167.10.0 255.255.255.0 167.167.20.2

















